[Kea-users] Kea and on-commit

perl-list perl-list at network1.net
Tue Oct 18 18:30:15 UTC 2022 

You can also send lease data somewhere using the high availability hook in the passive-backup configuration: https://kea.readthedocs.io/en/latest/arm/hooks.html#passive-backup-configuration

You could create a listener that captures the data and does something with it (assumedly, whatever /usr/local/bin/dhcp-dyndns.sh is doing).

I am not sure that the options host-name and/or client-name are included, however, you would have to test.

----- Original Message -----
> From: "Frey, Rick E" <Rick.Frey at windstream.com>
> To: "Rowland Penny" <rpenny at samba.org>, "kea-users" <kea-users at lists.isc.org>
> Sent: Monday, October 17, 2022 3:24:44 PM
> Subject: Re: [Kea-users] Kea and on-commit

> Recommend that you look over the public Kea documentation, specifically the hook
> for external scripts:
> [
> https://kea.readthedocs.io/en/kea-2.2.0/arm/hooks.html#run-script-run-script-support-for-external-hook-scripts
> |
> https://kea.readthedocs.io/en/kea-2.2.0/arm/hooks.html#run-script-run-script-support-for-external-hook-scripts
> ]

> You may also want to consider modifying your current use of using the unchecked
> client provided name as an argument to your script. It may be possible to
> inject an unintended command on your system by using a crafted name sent by
> client. E.g. name of “; rm /var/lib/dhcpd/leases”.

> From: Kea-users <kea-users-bounces at lists.isc.org> on behalf of Rowland Penny via
> Kea-users <kea-users at lists.isc.org>
> Date: Monday, October 17, 2022 at 2:04 PM
> To: kea-users at lists.isc.org <kea-users at lists.isc.org>
> Subject: [Kea-users] Kea and on-commit

> CAUTION: This email originated from outside of the organization. Do not click
> links or open attachments unless you recognize the sender and know the content
> is safe.

> I have just discovered that the isc-dhcp-server is going EOL at the year
> and is being replaced by Kea. I know that the isc-dhcp-server will still
> be available from distros for sometime, but I need to find out if kea
> can work in the same way as isc-dhcp-server.

> You can set at the bottom of dhcp.conf something like this:

> on commit {
> set noname = concat("dhcp-", binary-to-ascii(10, 8, "-", leased-address));
> set ClientIP = binary-to-ascii(10, 8, ".", leased-address);
> set ClientDHCID = concat (
> suffix (concat ("0", binary-to-ascii (16, 8, "",
> substring(hardware,1,1))),2), ":",
> suffix (concat ("0", binary-to-ascii (16, 8, "",
> substring(hardware,2,1))),2), ":",
> suffix (concat ("0", binary-to-ascii (16, 8, "",
> substring(hardware,3,1))),2), ":",
> suffix (concat ("0", binary-to-ascii (16, 8, "",
> substring(hardware,4,1))),2), ":",
> suffix (concat ("0", binary-to-ascii (16, 8, "",
> substring(hardware,5,1))),2), ":",
> suffix (concat ("0", binary-to-ascii (16, 8, "",
> substring(hardware,6,1))),2)
> );
> set ClientName = pick-first-value(option host-name, config-option
> host-name, client-name, noname);
> log(concat("Commit: IP: ", ClientIP, " DHCID: ", ClientDHCID, " Name: ",
> ClientName));
> execute("/usr/local/bin/dhcp-dyndns.sh", "add", ClientIP, ClientDHCID,
> ClientName);
> }

> This will run a script that will update dns records in Samba AD.

> Can anyone point me at the Kea documentation that will show me how to do
> the above. I have done the usual Google searches and had a look at the
> Kea documentation, but couldn't readily see anything.

> Thanks in advance.

> Rowland Penny
> Samba team member

> --
> ISC funds the development of this software with paid support subscriptions.
> Contact us at [
> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.isc.org%2Fcontact%2F&data=05%7C01%7Crick.frey%40windstream.com%7C94730a0ac2dc4e8a137508dab07267df%7C2567b4c1b0ed40f5aee358d7c5f3e2b2%7C0%7C0%7C638016302667400647%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Vsdg7n1OuqqrvbZZrBQ1Qcw91AWez6jUceLf2U01EHA%3D&reserved=0
> |
> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.isc.org%2Fcontact%2F&data=05%7C01%7Crick.frey%40windstream.com%7C94730a0ac2dc4e8a137508dab07267df%7C2567b4c1b0ed40f5aee358d7c5f3e2b2%7C0%7C0%7C638016302667400647%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Vsdg7n1OuqqrvbZZrBQ1Qcw91AWez6jUceLf2U01EHA%3D&reserved=0
> ] for more information.

> To unsubscribe visit [
> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.isc.org%2Fmailman%2Flistinfo%2Fkea-users&data=05%7C01%7Crick.frey%40windstream.com%7C94730a0ac2dc4e8a137508dab07267df%7C2567b4c1b0ed40f5aee358d7c5f3e2b2%7C0%7C0%7C638016302667400647%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hiq5sHWT23aHy8qG7qq2%2BoJIUXh%2BXK%2F3uQuA0NuITbM%3D&reserved=0
> |
> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.isc.org%2Fmailman%2Flistinfo%2Fkea-users&data=05%7C01%7Crick.frey%40windstream.com%7C94730a0ac2dc4e8a137508dab07267df%7C2567b4c1b0ed40f5aee358d7c5f3e2b2%7C0%7C0%7C638016302667400647%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hiq5sHWT23aHy8qG7qq2%2BoJIUXh%2BXK%2F3uQuA0NuITbM%3D&reserved=0
> ] .

> Kea-users mailing list
> Kea-users at lists.isc.org
> [
> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.isc.org%2Fmailman%2Flistinfo%2Fkea-users&data=05%7C01%7Crick.frey%40windstream.com%7C94730a0ac2dc4e8a137508dab07267df%7C2567b4c1b0ed40f5aee358d7c5f3e2b2%7C0%7C0%7C638016302667400647%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hiq5sHWT23aHy8qG7qq2%2BoJIUXh%2BXK%2F3uQuA0NuITbM%3D&reserved=0
> |
> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.isc.org%2Fmailman%2Flistinfo%2Fkea-users&data=05%7C01%7Crick.frey%40windstream.com%7C94730a0ac2dc4e8a137508dab07267df%7C2567b4c1b0ed40f5aee358d7c5f3e2b2%7C0%7C0%7C638016302667400647%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hiq5sHWT23aHy8qG7qq2%2BoJIUXh%2BXK%2F3uQuA0NuITbM%3D&reserved=0
> ]

> Sensitivity: Internal

> --
> ISC funds the development of this software with paid support subscriptions.
> Contact us at https://www.isc.org/contact/ for more information.

> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

> Kea-users mailing list
> Kea-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users

More information about the Kea-users mailing list